- [Instructor] Having appropriate processes and runbooks…to outline execution procedures, are core tenets…to an organization's ability to react to a data breach.…A process is simply a series of actions or steps…taken in a specific order.…These processes can be automated or manual.…They can be technical or not.…The primary objective should be to standardize the process…in a way that can be simply executed.…Note that simple does not always mean easy…for an organization.…

Once a process is standardized, an organization can create…a runbook with specific tasks and protocols.…This type of reference can be beneficial in times…of pressure or crisis, since many people can get…disoriented and sidetracked due to being overwhelmed.…Having a runbook also protects an organization in case…a key participant is absent, by allowing an alternate person…to execute those tasks.…The more an organization includes in the runbook,…the better prepared they will be.…

Some core things to include are an overview of the system…and its setup.…

Resume Transcript Auto-Scroll

Author

Released

1/23/2018

The General Data Protection Regulation (GDPR) is a new privacy-related regulation in the EU that will become active and enforceable in May of 2018. GDPR requires US companies doing business in the EU to protect citizen privacy, and companies who do not comply will face heavy fines. This course is intended to outline who needs to do this, what they need to do, and how they need to do it. Learn about the scope of GDPR, the definition of a personal data breach, the rights of data subjects, incident response requirements under GDPR, and more.

DISCLAIMER: Neither LinkedIn nor the instructor represents you, and they are not giving legal advice. The information conveyed through this course is not intended to give legal advice, but instead to communicate information to help viewers understand the basics of the topic presented. Certain concepts may not apply in all countries. The views (and legal interpretations) presented in this course do not necessarily represent the views of LinkedIn or Lynda.com.

Topics include:

Compliance deadlines and penalties

Data controllers and data processors under GDPR

Exploring the role of the data protection office

Technical measures outlined in the GDPR

Reviewing the right to be forgotten and the situations that allow erasure